authorEvan Prodromou <evan@status.net>2010-01-08 17:20:25 -0800
committerEvan Prodromou <evan@status.net>2010-01-09 15:26:06 -0800
commited5828f30ea0f7a30e01d407058990b06164c6f3 (patch)
tree7ad837785d6c6ea5156092543857df6447812a58 /actions/otp.php
parentf396701b6466749c09ce16b1e7f2f96c10b05cdd (diff)
Redirect to a one-time-password when ssl and regular server are different
Diffstat (limited to 'actions/otp.php')
-rw-r--r--actions/otp.php145
1 files changed, 145 insertions, 0 deletions
diff --git a/actions/otp.php b/actions/otp.php
new file mode 100644
index 000000000..acf84aee8
--- /dev/null
+++ b/actions/otp.php
@@ -0,0 +1,145 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Allow one-time password login
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Login
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
+ * @link http://status.net/
+ */
+
+if (!defined('STATUSNET')) {
+ exit(1);
+}
+
+/**
+ * Allow one-time password login
+ *
+ * This action will automatically log in the user identified by the user_id
+ * parameter. A login_token record must be constructed beforehand, typically
+ * by code where the user is already authenticated.
+ *
+ * @category Login
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
+ * @link http://status.net/
+ */
+
+class OtpAction extends Action
+{
+ var $user;
+ var $token;
+ var $rememberme;
+ var $returnto;
+ var $lt;
+
+ function prepare($args)
+ {
+ parent::prepare($args);
+
+ if (common_is_real_login()) {
+ $this->clientError(_('Already logged in.'));
+ return false;
+ }
+
+ $id = $this->trimmed('user_id');
+
+ if (empty($id)) {
+ $this->clientError(_('No user ID specified.'));
+ return false;
+ }
+
+ $this->user = User::staticGet('id', $id);
+
+ if (empty($this->user)) {
+ $this->clientError(_('No such user.'));
+ return false;
+ }
+
+ $this->token = $this->trimmed('token');
+
+ if (empty($this->token)) {
+ $this->clientError(_('No login token specified.'));
+ return false;
+ }
+
+ $this->lt = Login_token::staticGet('user_id', $id);
+
+ if (empty($this->lt)) {
+ $this->clientError(_('No login token requested.'));
+ return false;
+ }
+
+ if ($this->lt->token != $this->token) {
+ $this->clientError(_('Invalid login token specified.'));
+ return false;
+ }
+
+ if ($this->lt->modified > time() + Login_token::TIMEOUT) {
+ //token has expired
+ //delete the token as it is useless
+ $this->lt->delete();
+ $this->lt = null;
+ $this->clientError(_('Login token expired.'));
+ return false;
+ }
+
+ $this->rememberme = $this->boolean('rememberme');
+ $this->returnto = $this->trimmed('returnto');
+
+ return true;
+ }
+
+ function handle($args)
+ {
+ parent::handle($args);
+
+ // success!
+ if (!common_set_user($this->user)) {
+ $this->serverError(_('Error setting user. You are probably not authorized.'));
+ return;
+ }
+
+ // We're now logged in; disable the lt
+
+ $this->lt->delete();
+ $this->lt = null;
+
+ if ($this->rememberme) {
+ common_rememberme($this->user);
+ }
+
+ if (!empty($this->returnto)) {
+ $url = $this->returnto;
+ // We don't have to return to it again
+ common_set_returnto(null);
+ } else {
+ $url = common_local_url('all',
+ array('nickname' =>
+ $this->user->nickname));
+ }
+
+ common_redirect($url, 303);
+ }
+}
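Review bot: The expiry check on the `$this->lt->modified > time() + Login_token::TIMEOUT` line can never fire: it asks whether the token's modification time lies later than now plus TIMEOUT, which only holds if the record's timestamp is ahead of the server clock, so a leaked login token stays usable indefinitely. The intended test is that the token is older than TIMEOUT, e.g. `if (strtotime($this->lt->modified) + Login_token::TIMEOUT < time()) {` (drop the `strtotime()` if `modified` is already a Unix timestamp; the field's format is not visible in this hunk). The token comparison two checks earlier uses loose `!=`, under which numeric-looking strings compare numerically; use `!==` (or a constant-time comparison such as `hash_equals()` where the PHP version provides it). In `handle()`, `returnto` is taken straight from the request and handed to `common_redirect()`, which is an open redirect; restrict it to a relative path or a URL on this server before redirecting.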